58f12fd7e0687be0b752c59136e1423a

General

Target

58f12fd7e0687be0b752c59136e1423a
Size

28KB
MD5

58f12fd7e0687be0b752c59136e1423a
SHA1

f7f4c965a7699009349bfebb914492fe46f7d656
SHA256

887c6862188ea5e23c1be09ce607f8a90024ed67b2d873457cd394a99f3531dd
SHA512

c253afd21c41a5745824491ef13dee32062cd72a2e1f67ddc02fac50cc67c42fdc9f77f92b1d7a3d1badb56cb04338012ca8eaa421831dc33d52b57f304859b5
SSDEEP

768:8SefAjZdglA7NKgSZbFbYkpAXqr9j2ajqC:wfARKgOFdr52a

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
58f12fd7e0687be0b752c59136e1423a

Files

58f12fd7e0687be0b752c59136e1423a
.exe windows:4 windows x86 arch:x86

786870a7b89acfa6da90035bb7134a07

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryExA
GetProcAddress
GetModuleHandleA
GetLastError
CreateEventA
FreeLibrary
CreateFileA
WaitForSingleObject
LoadResource
FindResourceA
Sleep
CloseHandle
GetFileAttributesA
DeleteFileA
ExitThread
GetModuleFileNameA
lstrcpyA
lstrcatA
WideCharToMultiByte
ExitProcess
Process32First
LoadLibraryA
CreateToolhelp32Snapshot
CompareStringA
lstrcmpA
lstrlenA
SetEvent
LoadLibraryW
ResetEvent
WaitForMultipleObjects
CreateThread
WriteFile

user32

TranslateMessage
BeginPaint
wsprintfA
DispatchMessageA
SetThreadDesktop
PeekMessageA
CreateWindowExA
EndPaint
CreateDesktopA
MsgWaitForMultipleObjects
DestroyWindow
ShowWindow

advapi32

RegEnumKeyA
RegLoadKeyW
RegOpenKeyA
RegQueryValueExA
RegSaveKeyA
RegOpenKeyExA
RegCloseKey
RegDeleteKeyA
RegCreateKeyExA
RegNotifyChangeKeyValue

ole32

CoUninitialize
CoInitialize

shell32

SHGetFolderPathA

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

786870a7b89acfa6da90035bb7134a07

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

ole32

shell32

Sections

.text Size: 9KB - Virtual size: 8KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 14KB - Virtual size: 13KB

.text
Size: 9KB - Virtual size: 8KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 14KB - Virtual size: 13KB